Yes, the labs server has been reported as offline. It was pulled downand access blocked at the firewall for some expected hardware upgrades— rolled out a new deployment and new hardware, and the server is upand running internally — and then somebody dropped a nasty RCE in someof the software, and dealing with the ensuing dependency chain ofsoftware upgrades hasn't been a priority. Particularly given it's anon-revenue-generating web site. Having the server offline hasreduced the effort dealing with the folks trying to break into thesite, the folks trying to spam the site, watching for critical patches,and the rest of the "fun" inevitably involved with that particularcommunity project.

Having the server offline has reducedthe effort dealing with the folks trying to break into the site, thefolks trying to spam the site, watching for critical patches, and therest of the "fun" inevitably involved with that particular communityproject.

Yes, but 90% of the useful information about VMS available online hasbeen unavailable for a few weeks. Which is a bummer.

Having the server offline has reducedthe effort dealing with the folks trying to break into the site, thefolks trying to spam the site, watching for critical patches, and therest of the "fun" inevitably involved with that particular communityproject.

Yes, but 90% of the useful information about VMS available online hasbeen unavailable for a few weeks. Which is a bummer.

Having the server offline has reduced the effort dealing with the folkstrying to break into the site, the folks trying to spam the site,watching for critical patches, and the rest of the "fun" inevitablyinvolved with that particular community project.

Yes, but 90% of the useful information about VMS available online hasbeen unavailable for a few weeks. Which is a bummer.

Ah, so the joke was spending what would probably be well past a hundredthousand dollars to host what is a free web site, buying hardware andsoftware that does not and will not address the bottleneck, and thatwould serve to compound the maintenance and upkeep effort and theongoing costs? Well, there could also have been a suggestion to portthe entire content management system over to Fortran. That would havebeen... hilarious.

No, I'm not going to implement a multi-site OpenVMS DT cluster for thepurpose of hosting a free web site. The replacement hardware andsoftware that's already in use — well past OpenVMS in capabilities,much simpler to configure and manage and maintain, and better suitedfor this particular purpose — cost less than a one-core OpenVMS I64license, too. If I wanted to spend rather more than what I alreadyhave, I'd hire the necessary staff or outsource it, and that'd still becheaper than a DT configuration. If I did need a more availableconfiguration — still don't need DT — there are other better andcheaper solutions for hosting a web site, too.

As for the content management system and the rest of the dependenciesthat are blocking exposing that new server, that's a project foranother day. But that effort and resolving those dependencies wouldarise on OpenVMS, with other issues added due to the somewhatproblematic web support present in OpenVMS.

BTW, the conventional interpretation for that particular :-| emoticon(😐) doesn't align with "it's a joke", either. Hence the confusion.

Having the server offline has reducedthe effort dealing with the folks trying to break into the site, thefolks trying to spam the site, watching for critical patches, and therest of the "fun" inevitably involved with that particular communityproject.

Yes, but 90% of the useful information about VMS available online hasbeen unavailable for a few weeks. Which is a bummer.

Yes, the labs server has been reported as offline. It was pulled downand access blocked at the firewall for some expected hardware upgrades— rolled out a new deployment and new hardware, and the server is upand running internally — and then somebody dropped a nasty RCE in someof the software, and dealing with the ensuing dependency chain ofsoftware upgrades hasn't been a priority. Particularly given it's anon-revenue-generating web site. Having the server offline hasreduced the effort dealing with the folks trying to break into thesite, the folks trying to spam the site, watching for critical patches,and the rest of the "fun" inevitably involved with that particularcommunity project.--Pure Personal Opinion | HoffmanLabs LLC

The "LABS" are a wonderful resource. I find that they are often the best resource when I'm looking for assistance and clarification. Hoff's write ups are often my first choice for learning/relearning how to do something in the OpenVMS or Alpha/Itanium hardware worlds. The posts to the write ups by the community are often clarifying and almost always helpful. Their lack of availability has been a wake up call to me. I hadn't realized how much I used them until they weren't readily available.

Yes, the labs server has been reported as offline. It was pulled downand access blocked at the firewall for some expected hardware upgrades— rolled out a new deployment and new hardware, and the server is upand running internally — and then somebody dropped a nasty RCE in someof the software, and dealing with the ensuing dependency chain ofsoftware upgrades hasn't been a priority. Particularly given it's anon-revenue-generating web site. Having the server offline hasreduced the effort dealing with the folks trying to break into thesite, the folks trying to spam the site, watching for critical patches,and the rest of the "fun" inevitably involved with that particularcommunity project.--Pure Personal Opinion | HoffmanLabs LLC

The "LABS" are a wonderful resource. I find that they are often the best resource when I'm looking for assistance and clarification. Hoff's write ups are often my first choice for learning/relearning how to do something in the OpenVMS or Alpha/Itanium hardware worlds. The posts to the write ups by the community are often clarifying and almost always helpful. Their lack of availability has been a wake up call to me. I hadn't realized how much I used them until they weren't readily available.So, thanks for your involvement in this "community project".

I agree. When HP was splitting their site into HP and HPE in 2015, most of their stuff was offline or missing (lots of stuff has vanished forever) while resources at Hoff's site saved my bacon.

###

On a related note, my OpenVMS resources site here:

http://www3.sympatico.ca/n.rieck/links/openvms_resources.html

...is a rinky-dink offering compared to Hoff's site. For example, I don't employ a CMS (content management system) or allow user feedback. Anyway, I plan to retire in 2020 so have been moving my OpenVMS stuff to here:

http://bellics.com/ovms/

Since I started this I can't believe the number of attacks that have been launched against this site. For example, I can't believe the amount of SPAM sent here. Last October someone injected 40,000 emails which this Itanium was trying to forward elsewhere (I thought I had already dealt with the SPAM holes). After I fixed that problem I noticed a continual probing via Telnet, FTP, and SSH. There were only two active accounts on this system, and the passwords where greater than 20 characters but eventually someone is going to get in (STUXNET?) so I closed every service port except 25, 80, 443, and 22 (SSH). I then restricted SSH to only accepting connects from a small subset of domains and even then, only allow one user (with a 20-character password) through.

I only mention this because Hoff's site must have been seeing attacks like this in spades, and it requires a lot of work to keep up with the world-wide-web of hackers. Not sure if Hoff was getting remuneration from HP for his efforts, but with the announcement by HPE to no longer offer standard patch support for "OpenVMS-8.4 on Alpha" starting Jan-1-2017, I think this indicates that HPE is moving on.

Once site logins and user registrations are available and the relatedregistration-traces then become visible to the search engines, thekeeping-a-lid-on-it effort escalates. Don't Read The Comments doesn'tbegin to cover what can happen here, though I've been able to keep mostof that off the site. More than a few entities actively search theweb for open-registration web sites, and they have and use automatedregistration and spamming tools.

Post by Neil RieckSince I started this I can't believe the number of attacks that havebeen launched against this site. For example, I can't believe theamount of SPAM sent here.

Spam to the contact addresses, spam to the return addresses for theregistration mail, spam through the site contact links, spam runs toother folks using those addresses as return addresses for the spam, andmore than a few attempts to post spam as comments, among other bits of"fun". Based on metadata, the vast majority of the site registrationsare from one-shot visits or from bots; from automated tools.

Post by Neil RieckI only mention this because Hoff's site must have been seeing attackslike this in spades,

Anybody running a site is, and it's only getting worse.

Post by Neil Rieckand it requires a lot of work to keep up with the world-wide-web ofhackers. Not sure if Hoff was getting remuneration from HP for hisefforts,

The HoffmanLabs web site is solely funded by HoffmanLabs. While thatmight obviously change in the future, there are no plans to do so.While there've been suggestions around setting up a donation link, thecurrent "vacation" is rather less about the funding than about jugglingthe time investment involved. Dealing with the web site, as well ascreating new and updating content and what few comments are queued.Slogging through debugging and updates in general and specifically forthat pesky RCE in an underlying component, as is the present case.Sometimes slogging on very short notice, and the notices are gettingshorter. There are other and higher-priority projects currentlyseeking that same time. If this were exclusively about payment, I'djust pay somebody to deal with this stuff. And I'm not looking to dothat, as it's a free web site.

Post by Neil Rieckbut with the announcement by HPE to no longer offer standard patchsupport for "OpenVMS-8.4 on Alpha" starting Jan-1-2017, I think thisindicates that HPE is moving on.

HPE have been telling folks that HPE support for OpenVMS is ending, andfor some years. That's been the purpose of the roadmap.Presentations on migrations became quite common there for a while, too.It would not surprise me to see HPE entirely end their OpenVMSefforts including their VSI OpenVMS reseller role once HPE exits theItanium business, as the end of the HPE OpenVMS roadmap is reached,too. VSI will then be the sole outpost of OpenVMS, and for as long asthey remain sufficiently solvent.

Post by Stephen HoffmanOnce site logins and user registrations are available and the relatedregistration-traces then become visible to the search engines, thekeeping-a-lid-on-it effort escalates.

One idea to consider, assuming that Hoff would approve of this strategy,would be to harvest some of the content and "re-deploy" it to websitessuch as stackoverflow.

Some of his articles could probably be repurposed into "questions" andthen answers provides. Others would probably fit well into the documentationsystem.

Stackoverflow and the many stackexchange websites are a terrificresource. It seems like much of Hoff's content could live on there. Thiswould free Hoff of the operational obligation of maintaining a websitein the modern world and would turn it into a community effort.

Post by Stephen HoffmanOnce site logins and user registrations are available and the relatedregistration-traces then become visible to the search engines, thekeeping-a-lid-on-it effort escalates.

One idea to consider, assuming that Hoff would approve of this strategy,would be to harvest some of the content and "re-deploy" it to websitessuch as stackoverflow.Some of his articles could probably be repurposed into "questions" andthen answers provides. Others would probably fit well into the documentationsystem.Stackoverflow and the many stackexchange websites are a terrificresource. It seems like much of Hoff's content could live on there. Thiswould free Hoff of the operational obligation of maintaining a websitein the modern world and would turn it into a community effort.EJ

I'm assuming he has it all backed up. There is a lot of open source server software out there ( https://en.wikipedia.org/wiki/List_of_content_management_systems ) so I wonder if he could recover the data to a different platform. If the previous machine was an Itanium then he might need to move to an x86-XEON (probably an HP ProLiant)

p.s. I had to do something similar recently. I grabbed an old DL-385-G7 then loaded CentOS-7 just to test some open source software.

Post by Neil RieckI'm assuming he has it all backed up. There is a lot of open sourceserver software out there (https://en.wikipedia.org/wiki/List_of_content_management_systems ) soI wonder if he could recover the data to a different platform. If theprevious machine was an Itanium then he might need to move to anx86-XEON (probably an HP ProLiant)

There are hundreds and hundreds of open source CMS solutions(most PHP, some Java, some .NET, some Python).

Yes, there are backups. Nightly database backups, and periodicbackups of the web site configuration, and separate system backups.Etc.

The web server and content management system is also presently up andrunning, and is internally accessible, and is serving the HL sitecontents. From newly-acquired hardware, running current systemsoftware and the same and problematic content management system version.

External access to the web server and the current content has beenfirewalled, pending updates and resolution of the RCE within thecontent management system and particularly within a dependency that'sin use locally.

I'm not inclined to port the contents to another platform nor deal withall that entails, as an upgrade of the current system is almostcertainly going to be easier. Nor am I inclined to install a Xeonserver, as a newly-acquired Core i5 is more than sufficient for what isa free web site.

There are simply some other priorities right now.

The Labs server will be back online when it's upgraded and able to bebrought back online.

Post by Neil Rieckhttp://hoffmanlabs.com/home.htmlhttp://labs.hoffmanlabs.com/node/16Hopefully Steve will see this post.Neil RieckWaterloo, Ontario, Canada.http://bellics.com/ovms/

OK, so we now know it's currently unavailable and we knowthat the site owner is aware.

If it's the former content that's of interest, rather thanthe notification of the unavailability...

What approach would readers normally use when any website nolonger responds as expected, or a previously useful web pagevanishes for some reason?

I know what I'd usually start with. And for the particularpage in question, it currently does what I'd hope it woulddo. Quite simply too, once you work it out.

The approach is not VMS specific nor is it site specific,but it does have some administrative and technical limitswhich occasionally restrict its usefulness.

E.g. the approach does require the current site owner to notobject e.g. much content from the DEC, CPQ, and HP websitesis no longer accessible via this mechanism because thecurrent site owner(s) representatives have requested theircontent (which had previously been available) be removedfrom this mechanism. There are doubtless other reasons whythis approach may fail in some cases, but it's often wortha try.

Hint: Wayback machine at archive.org.

I tried this a few minutes ago on the page in question,leading to (e.g.) this version captured in 2016.